Re: [DRAFT] resolving DFSG violations
On Thu, 2008-10-30 at 17:34 +0100, Michelle Konzack wrote:
> So now as a Manufacturer I have the choice between
> 1) Use a huge NV/FLASH/EEPROM Memory which make the Hardware maybe
> 10-20 Euro more expensive and I will lost customers.
> 2) Use huge external SRAM (makes the Hardware expensive too) to let
> users load there own non tested and non-optimised blob and become
> sued if something goes wrong.
Um, no. See, what you don't seem to understand is that users can load
their own non-tested and non-optimized blob whether you release source
or not. In fact, by not releasing source, you *increase* the risk that
users' modifications will damage the hardware.
The point here is that loadable firmware exposes you to a risk. The
refusal to provide source has nothing to do with whether the risk is
exposed; but providing source would *reduce* it.
> So, the Open-Source System does not realy work on Hardware...
Of course, we're not talking about Hardware, we're talking about
firmware, which is, of course, a kind of software.
> I do not know HOW OpenMoko do this, but the certification for GSM
> software/firmware IS expensive and it IS required by law.
If I understand correctly, then you (and perhaps many others), are not
being honest in attaining GSM certification. You seem to be saying that
the certification is contigent upon it being impossible for the user to
change the behavior of the device in a non-compliant way. But the mere
fact that you are using loadable firmware means that the user can make
such a change. It has nothing to do with the license for the firmware,
or whether there is source, or even whether your or Debian or anyone
else distribute the firmware. The device, in fact, *cannot* be
guaranteed to meet the certification, because it provides the capacity
for users to load non-compliant firmware.
Now whether that's a serious problem or not, I don't know, but it is
entirely distinct from the license terms on the firmware blob.